diff options
author | Richard Sharpe <sharpe@samba.org> | 2003-04-24 06:27:49 +0000 |
---|---|---|
committer | Richard Sharpe <sharpe@samba.org> | 2003-04-24 06:27:49 +0000 |
commit | dbd482622a59e667724fddd8f3cbcfb729e11a35 (patch) | |
tree | a6e9218b0838ef6e9b261043ffa173b359e7a472 | |
parent | b7ff7b37fbf8bd47c4a4b1e224891899822bdf92 (diff) | |
download | samba-dbd482622a59e667724fddd8f3cbcfb729e11a35.tar.gz samba-dbd482622a59e667724fddd8f3cbcfb729e11a35.tar.bz2 samba-dbd482622a59e667724fddd8f3cbcfb729e11a35.zip |
More functions to compute the space taken up by SIDs, ACEs, ACLs, SEC
DESCs etc, so we can store these in an output file.
(This used to be commit 7607a1c3cd5ffb69b8db0bfe50283bda97047c42)
-rw-r--r-- | source3/utils/editreg.c | 99 |
1 files changed, 96 insertions, 3 deletions
diff --git a/source3/utils/editreg.c b/source3/utils/editreg.c index eb796d43b6..34a9eecf11 100644 --- a/source3/utils/editreg.c +++ b/source3/utils/editreg.c @@ -444,7 +444,7 @@ struct key_sec_desc_s { struct key_sec_desc_s *prev, *next; int ref_cnt; int state; - int offset, stored; + int offset; SEC_DESC *sec_desc; }; @@ -1321,7 +1321,7 @@ KEY_SEC_DESC *nt_create_init_sec(REGF *regf) tsec->ref_cnt = 1; tsec->state = SEC_DESC_NBK; - tsec->stored = tsec->offset = 0; + tsec->offset = 0; tsec->sec_desc = regf->def_sec_desc; @@ -1798,7 +1798,7 @@ KEY_SEC_DESC *lookup_create_sec_key(REGF *regf, SK_MAP *sk_map, int sk_off) if (!tmp) { return NULL; } - bzero(tmp, sizeof(KEY_SEC_DESC)); + bzero(tmp, sizeof(KEY_SEC_DESC)); /* Neatly sets offset to 0 */ tmp->state = SEC_DESC_RES; if (!alloc_sk_map_entry(regf, tmp, sk_off)) { return NULL; @@ -1889,6 +1889,12 @@ SEC_DESC *process_sec_desc(REGF *regf, REG_SEC_DESC *sec_desc) tmp->type = SVAL(&sec_desc->type); if (verbose) fprintf(stdout, "SEC_DESC Rev: %0X, Type: %0X\n", tmp->rev, tmp->type); + if (verbose) fprintf(stdout, "SEC_DESC Owner Off: %0X\n", + IVAL(&sec_desc->owner_off)); + if (verbose) fprintf(stdout, "SEC_DESC Group Off: %0X\n", + IVAL(&sec_desc->group_off)); + if (verbose) fprintf(stdout, "SEC_DESC DACL Off: %0X\n", + IVAL(&sec_desc->dacl_off)); tmp->owner = dup_sid((DOM_SID *)((char *)sec_desc + IVAL(&sec_desc->owner_off))); if (!tmp->owner) { free(tmp); @@ -2580,6 +2586,72 @@ void *nt_alloc_regf_space(REGF *regf, int size, int *off) } /* + * Compute the size of a SID stored ... + */ + +unsigned int sid_size(DOM_SID *sid) +{ + unsigned int size; + + if (!sid) return 0; + + size = 8 + (sid->auths * sizeof(unsigned int)); + + return size; +} + +/* + * Compute the size of an ACE on disk from its components + */ + +unsigned int ace_size(ACE *ace) +{ + unsigned int size; + + if (!ace) return 0; + + size = 8 + sid_size(ace->trustee); + + return size; +} + +/* + * Compute the size of an ACL from its components ... + */ +unsigned int acl_size(ACL *acl) +{ + unsigned int size; + int i; + + if (!acl) return 0; + + size = 8; + for (i = 0; i < acl->num_aces; i++) + size += ace_size(acl->aces[i]); + + return size; +} + +/* + * Compute the size of the sec desc as a self-relative SD + */ +unsigned int sec_desc_size(SEC_DESC *sd) +{ + unsigned int size; + + if (!sd) return 0; + + size = 20; + + if (sd->owner) size += sid_size(sd->owner); + if (sd->group) size += sid_size(sd->group); + if (sd->sacl) size += acl_size(sd->sacl); + if (sd->dacl) size += acl_size(sd->dacl); + + return size; +} + +/* * Store the security information * * If it has already been stored, just get its offset from record @@ -2588,6 +2660,27 @@ void *nt_alloc_regf_space(REGF *regf, int size, int *off) unsigned int nt_store_security(REGF *regf, KEY_SEC_DESC *sec) { + int size = 0; + unsigned int sk_off; + SK_HDR *sk_hdr; + + if (sec->offset) return sec->offset; + + /* + * OK, we don't have this one in the file yet. We must compute the + * size taken by the security descriptor as a self-relative SD, which + * means making one pass over each structure and figuring it out + */ + + size = sec_desc_size(sec->sec_desc); + + /* Allocate that much space */ + + sk_hdr = nt_alloc_regf_space(regf, size, &sk_off); + + if (!sk_hdr) return 0; + + /* Now, lay out the sec_desc in the space provided */ return 0; |